binji [Wed, 24 Jun 2015 05:36:13 +0000 (22:36 -0700)]
Fix ReferenceError of Worker in regress-crbug-503578
Worker is not defined on the V8 Shared bots.
BUG=chromium:503578
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1202763004
Cr-Commit-Position: refs/heads/master@{#29246}
machenbach [Wed, 24 Jun 2015 05:35:07 +0000 (22:35 -0700)]
[android] Completly move path logic to gyp config.
BUG=chromium:502176
LOG=n
Review URL: https://codereview.chromium.org/
1203653002
Cr-Commit-Position: refs/heads/master@{#29245}
binji [Wed, 24 Jun 2015 04:23:37 +0000 (21:23 -0700)]
Fix cluster-fuzz found regression in d8 when deserializing ArrayBuffer
BUG=503578
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1204753002
Cr-Commit-Position: refs/heads/master@{#29244}
mstarzinger [Wed, 24 Jun 2015 03:50:19 +0000 (20:50 -0700)]
[turbofan] Remove stale control-reducer.cc file.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1197793005
Cr-Commit-Position: refs/heads/master@{#29243}
arv [Tue, 23 Jun 2015 23:18:23 +0000 (16:18 -0700)]
Date() should not depend on Date.prototype.toString
We used to call toString as a method which is not safe.
BUG=v8:4225
LOG=Y
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1200033003
Cr-Commit-Position: refs/heads/master@{#29242}
adamk [Tue, 23 Jun 2015 22:59:19 +0000 (15:59 -0700)]
Revert "Keep a canonical list of shared function infos."
Speculative revert in the hopes of fixing serializer crashes seen in canary.
This reverts commit
c1669450834436508e0007885eb7ac266cbcf083, as well as
followup change "Do not look for existing shared function info when compiling a new script."
(commit
7c43967bb73783b46c2ccf9cdd0fa716b74ce278).
BUG=chromium:503552,v8:4132
TBR=yangguo@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1207583002
Cr-Commit-Position: refs/heads/master@{#29241}
mathias [Tue, 23 Jun 2015 18:42:52 +0000 (11:42 -0700)]
Avoid built-ins in `Date.prototype.toISOString`
TEST=mjsunit/date
BUG=v8:4226
LOG=N
Review URL: https://codereview.chromium.org/
1203733002
Cr-Commit-Position: refs/heads/master@{#29240}
titzer [Tue, 23 Jun 2015 17:26:18 +0000 (10:26 -0700)]
Add mjsunit tests for optimization of float min/max.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1199053011
Cr-Commit-Position: refs/heads/master@{#29239}
dslomov [Tue, 23 Jun 2015 16:50:40 +0000 (09:50 -0700)]
Do not add extra argument for new.target
JSConstructStub for subclass constructors instead locates new.target in
a known location on the stack.
R=arv@chromium.org,adamk@chromium.org
BUG=v8:3886
LOG=N
Review URL: https://codereview.chromium.org/
1196193014
Cr-Commit-Position: refs/heads/master@{#29238}
adamk [Tue, 23 Jun 2015 15:14:06 +0000 (08:14 -0700)]
Expose Map/Set methods through the API
Map: get, set, has, delete, clear
Set: add, has, delete, clear
All except clear are implemented as calls into collection.js.
Note that some of these shadow methods of v8::Object. It's unclear
how confusing that's going to be: on the one hand, it seems likely
that most operations you would want to do on a Map or Set are these.
On the other, generic code could get confused if it somehow gets
ahold of a variable that happens to be C++-typed as a v8::Map or v8::Set.
BUG=v8:3340
LOG=y
Review URL: https://codereview.chromium.org/
1204623002
Cr-Commit-Position: refs/heads/master@{#29237}
ishell [Tue, 23 Jun 2015 15:08:42 +0000 (08:08 -0700)]
Fixed exception handling in Realm.create().
BUG=chromium:501711
LOG=N
Review URL: https://codereview.chromium.org/
1207453002
Cr-Commit-Position: refs/heads/master@{#29236}
jochen [Tue, 23 Jun 2015 15:02:06 +0000 (08:02 -0700)]
Let GC select the collector when the external memory allocation limit is reached
BUG=none
R=hpayer@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1201993002
Cr-Commit-Position: refs/heads/master@{#29235}
mbrandy [Tue, 23 Jun 2015 14:56:50 +0000 (07:56 -0700)]
PPC: [turbofan] Fix implementation of Float64Min.
The optimized instruction sequences for floating-point min/max do not
have the same behaviour as TurboFan's Float(32|64)(Min|Max) functions
(incorrect handling for NaN operands).
R=dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1193843015
Cr-Commit-Position: refs/heads/master@{#29234}
verwaest [Tue, 23 Jun 2015 14:33:04 +0000 (07:33 -0700)]
Don't insert elements transitions into normalized maps
BUG=chromium:499790
LOG=n
Review URL: https://codereview.chromium.org/
1203653003
Cr-Commit-Position: refs/heads/master@{#29233}
verwaest [Tue, 23 Jun 2015 13:35:07 +0000 (06:35 -0700)]
Cleanup adding elements and in particular dictionary elements
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1196163005
Cr-Commit-Position: refs/heads/master@{#29232}
mstarzinger [Tue, 23 Jun 2015 13:33:59 +0000 (06:33 -0700)]
[turbofan] Make global variable loads and stores explicit.
This is a precursor to using specialized LoadIC and StoreIC stubs for
global variable access. It also removes the need to keep track of the
global object in the type system, hence freeing up one bit.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1205473004
Cr-Commit-Position: refs/heads/master@{#29231}
bmeurer [Tue, 23 Jun 2015 12:24:47 +0000 (05:24 -0700)]
[turbofan] NaN is never truish.
BUG=v8:4207
LOG=y
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/
1198993009
Cr-Commit-Position: refs/heads/master@{#29230}
jacob.bramley [Tue, 23 Jun 2015 11:58:50 +0000 (04:58 -0700)]
[arm64][turbofan] Fix implementation of Float64Min.
ARM64's `fmin` and `fmax` instructions don't have the same behaviour as
TurboFan's Float(32|64)(Min|Max) functions.
BUG=4206
LOG=N
Review URL: https://codereview.chromium.org/
1200123004
Cr-Commit-Position: refs/heads/master@{#29229}
verwaest [Tue, 23 Jun 2015 11:41:27 +0000 (04:41 -0700)]
Fix regexp perf: Only increase array size if needed
BUG=chromium:503457
LOG=n
Review URL: https://codereview.chromium.org/
1198993008
Cr-Commit-Position: refs/heads/master@{#29228}
verwaest [Tue, 23 Jun 2015 11:35:43 +0000 (04:35 -0700)]
Merge AddFastElement and AddFastDoubleElement
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1198343004
Cr-Commit-Position: refs/heads/master@{#29227}
ishell [Tue, 23 Jun 2015 11:30:42 +0000 (04:30 -0700)]
Map::ReconfigureProperty() should mark map as unstable when it returns a different map.
BUG=chromium:502930
LOG=N
Review URL: https://codereview.chromium.org/
1200003002
Cr-Commit-Position: refs/heads/master@{#29226}
Benedikt Meurer [Tue, 23 Jun 2015 11:21:51 +0000 (13:21 +0200)]
[turbofan] Run DeadCodeElimination together with the advanced reducers.
This will immediately remove dead code from the graph once any of
the advanced reducers inserts it. Also changes the GraphReducer to
use the canonical Dead node for ReplaceWithValue.
R=jarin@chromium.org
Committed: https://crrev.com/
88a40c5fb381924b1c0b2403dc582bceb2abe5da
Cr-Commit-Position: refs/heads/master@{#29217}
Review URL: https://codereview.chromium.org/
1206533002.
Cr-Commit-Position: refs/heads/master@{#29225}
ishell [Tue, 23 Jun 2015 11:04:12 +0000 (04:04 -0700)]
Global handle leak in Realm.create() fixed.
BUG=chromium:501808
LOG=N
Review URL: https://codereview.chromium.org/
1197403002
Cr-Commit-Position: refs/heads/master@{#29224}
titzer [Tue, 23 Jun 2015 10:35:33 +0000 (03:35 -0700)]
[turbofan] Make an OptionalOperator for MachineOperatorBuilder.
This makes usage of the MachineOperatorBuilder more robust, as it will be
an error to request an unsupported operator.
Along the way, I noticed that all 7 platforms support Float32Abs and
Float64Abs. Should make them non-optional in another CL?
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1128133003
Cr-Commit-Position: refs/heads/master@{#29223}
verwaest [Tue, 23 Jun 2015 09:44:15 +0000 (02:44 -0700)]
Move SetFastElementsCapacity into GrowCapacityAndConvert
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1197133003
Cr-Commit-Position: refs/heads/master@{#29222}
jochen [Tue, 23 Jun 2015 09:43:09 +0000 (02:43 -0700)]
[test] Teach test runner about whether novfp3 is on or off
BUG=none
R=machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1204643003
Cr-Commit-Position: refs/heads/master@{#29221}
bmeurer [Tue, 23 Jun 2015 09:39:11 +0000 (02:39 -0700)]
Revert of [turbofan] Run DeadCodeElimination together with the advanced reducers. (patchset #1 id:1 of https://codereview.chromium.org/
1206533002/)
Reason for revert:
Looks like this breaks Tests262.
Original issue's description:
> [turbofan] Run DeadCodeElimination together with the advanced reducers.
>
> This will immediately remove dead code from the graph once any of
> the advanced reducers inserts it. Also changes the GraphReducer to
> use the canonical Dead node for ReplaceWithValue.
>
> R=jarin@chromium.org
>
> Committed: https://crrev.com/
88a40c5fb381924b1c0b2403dc582bceb2abe5da
> Cr-Commit-Position: refs/heads/master@{#29217}
TBR=jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/
1200983004
Cr-Commit-Position: refs/heads/master@{#29220}
mvstanton [Tue, 23 Jun 2015 09:09:04 +0000 (02:09 -0700)]
Vector ICs: Additional Turbofan support
Lowering of stores need the vector and slot if --vector-stores is true.
BUG=
Review URL: https://codereview.chromium.org/
1193313002
Cr-Commit-Position: refs/heads/master@{#29219}
hpayer [Tue, 23 Jun 2015 09:07:14 +0000 (02:07 -0700)]
Fix wrong DCHECK in Heap::FindAllocationMemento where bump pointer overflow points to the currently used new space page.
BUG=chromium:501693
LOG=n
Review URL: https://codereview.chromium.org/
1200833003
Cr-Commit-Position: refs/heads/master@{#29218}
bmeurer [Tue, 23 Jun 2015 08:48:15 +0000 (01:48 -0700)]
[turbofan] Run DeadCodeElimination together with the advanced reducers.
This will immediately remove dead code from the graph once any of
the advanced reducers inserts it. Also changes the GraphReducer to
use the canonical Dead node for ReplaceWithValue.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1206533002
Cr-Commit-Position: refs/heads/master@{#29217}
mstarzinger [Tue, 23 Jun 2015 08:27:16 +0000 (01:27 -0700)]
[turbofan] Avoid embedding type feedback vector into code.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1198263004
Cr-Commit-Position: refs/heads/master@{#29216}
verwaest [Tue, 23 Jun 2015 07:32:03 +0000 (00:32 -0700)]
Also check for access checks and indexed interceptors before allowing fast moving of elements
BUG=
Review URL: https://codereview.chromium.org/
1200053002
Cr-Commit-Position: refs/heads/master@{#29215}
jarin [Tue, 23 Jun 2015 07:17:07 +0000 (00:17 -0700)]
[turbofan] Factor out the function specific part from the frame state operator.
This also threads through the parameter count and local count to the instruction selector. This will be later used to allow merging of various StateValues vector (and prepare for differential encoding which will not distinguish between parameters, locals and expression stack).
BUG=
Review URL: https://codereview.chromium.org/
1191243003
Cr-Commit-Position: refs/heads/master@{#29214}
chunyang.dai [Tue, 23 Jun 2015 06:55:55 +0000 (23:55 -0700)]
X87: Built-in apply() performance benefits from an uninitialized IC.
port
2a3b05758721a2f63a7c611ef22e364ead9ed0f3 (r29175).
original commit message:
Built-in apply() performance benefits from an uninitialized IC.
BUG=
Review URL: https://codereview.chromium.org/
1199913007
Cr-Commit-Position: refs/heads/master@{#29213}
chunyang.dai [Tue, 23 Jun 2015 06:54:49 +0000 (23:54 -0700)]
X87: Vector ICs: Turbofan vector store ic support
port
17c8ffeaa3e4e1769f0b4d0e7c8a6fb26b5297bd (r29173)
original commit message:
Vector ICs: Turbofan vector store ic support
Turbofan needs to pass vector slots around for named and keyed stores.
Also, the CL addresses a missing slot for ClassLiterals.
BUG=
Review URL: https://codereview.chromium.org/
1195793007
Cr-Commit-Position: refs/heads/master@{#29212}
bmeurer [Tue, 23 Jun 2015 06:43:34 +0000 (23:43 -0700)]
[date] Use explicit control flow to replace %_ThrowIfNotADate.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1191283003
Cr-Commit-Position: refs/heads/master@{#29211}
v8-autoroll [Tue, 23 Jun 2015 03:27:38 +0000 (20:27 -0700)]
Update V8 DEPS.
Rolling v8/third_party/android_tools to
21f4bcbd6cd927e4b4227cfde7d5f13486be1236
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1203633004
Cr-Commit-Position: refs/heads/master@{#29210}
littledan [Tue, 23 Jun 2015 00:41:51 +0000 (17:41 -0700)]
Re-ship Harmony Array/TypedArray methods
Turning the --harmony-array flag on has been delayed behind
unrelated test failures. Now that those tests are disabled,
land the changes.
This patch fixes WebKit tests based on the new change.
R=adamk
LOG=Y
BUG=v8:3578
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1199113003
Cr-Commit-Position: refs/heads/master@{#29209}
arv [Mon, 22 Jun 2015 23:43:14 +0000 (16:43 -0700)]
Remove usage of S.p.charCodeAt from uri.js
We were using both String.prototype.charCodeAt and
String.prototype.charAt.
BUG=v8:4224
LOG=N
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1204483003
Cr-Commit-Position: refs/heads/master@{#29208}
littledan [Mon, 22 Jun 2015 22:37:30 +0000 (15:37 -0700)]
Disable a flaky test
This test starts failing when the --harmony-array flag is turned on,
but the failure does not directly have to do with that flag. Disabling
the test in debug mode to unblock the release.
BUG=v8:4237
LOG=n
R=adamk,erikcorry
Review URL: https://codereview.chromium.org/
1202523005
Cr-Commit-Position: refs/heads/master@{#29207}
arv [Mon, 22 Jun 2015 21:55:41 +0000 (14:55 -0700)]
Fix HTML string methods to not depend on replace method
Before this we were using String.prototype.replace. Now
we call the internal StringReplace instead.
BUG=v8:4221
LOG=N
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1199933005
Cr-Commit-Position: refs/heads/master@{#29206}
Adam Klein [Mon, 22 Jun 2015 21:05:29 +0000 (14:05 -0700)]
Add an informative comment on regress-1132 ASAN suppression
TBR=arv@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1199053002.
Cr-Commit-Position: refs/heads/master@{#29205}
verwaest [Mon, 22 Jun 2015 19:57:45 +0000 (12:57 -0700)]
Remove duplicate isolate
BUG=
Review URL: https://codereview.chromium.org/
1196533004
Cr-Commit-Position: refs/heads/master@{#29204}
adamk [Mon, 22 Jun 2015 19:18:27 +0000 (12:18 -0700)]
Use CHECK_LT in CheckHandleCountVisitor for better error message
Review URL: https://codereview.chromium.org/
1201773005
Cr-Commit-Position: refs/heads/master@{#29203}
arv [Mon, 22 Jun 2015 19:07:07 +0000 (12:07 -0700)]
Fix string HTML methods to call ToString
Before this we were using + which calls valueOf which is not correct
for these methods.
BUG=v8:4222
LOG=N
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1194173004
Cr-Commit-Position: refs/heads/master@{#29202}
littledan [Mon, 22 Jun 2015 18:56:56 +0000 (11:56 -0700)]
Disable regress-1132 on ASAN runs
This test appears to trigger some bug in either ASAN or V8 when
accompanied by an increase in JS code size. Disabling the test
on ASAN runs to unblock adding new JS code.
BUG=v8:4236
LOG=N
R=adamk
Review URL: https://codereview.chromium.org/
1203523002
Cr-Commit-Position: refs/heads/master@{#29201}
arv [Mon, 22 Jun 2015 18:53:26 +0000 (11:53 -0700)]
[Test262-es6] Update to use FAIL_SLOPPY everywhere
Also reordered related test
BUG=N
LOG=N
R=adamk, littledan
Review URL: https://codereview.chromium.org/
1199013002
Cr-Commit-Position: refs/heads/master@{#29200}
binji [Mon, 22 Jun 2015 18:51:07 +0000 (11:51 -0700)]
Atomic operations on Uint8ClampedArray
BUG=chromium:497295
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1201543002
Cr-Commit-Position: refs/heads/master@{#29199}
mbrandy [Mon, 22 Jun 2015 18:18:35 +0000 (11:18 -0700)]
PPC: Vector ICs: Turbofan vector store ic support
Port
17c8ffeaa3e4e1769f0b4d0e7c8a6fb26b5297bd
Original commit message:
Turbofan needs to pass vector slots around for named and keyed stores.
Also, the CL addresses a missing slot for ClassLiterals.
R=mvstanton@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1201983005
Cr-Commit-Position: refs/heads/master@{#29198}
mbrandy [Mon, 22 Jun 2015 18:16:34 +0000 (11:16 -0700)]
PPC: Clean up JSConstructStub
Port
882055ff6a58f6b585575229f40f364e5f2a3ad0
Original commit message:
- fix truthfulness of comments
- use InitializeFieldsWithFiller more consistently
- use unsigned comparisons for pointers
No change in functionality intended.
Bonus: improve JavaScriptFrame::Print() for an enhanced debugging experience:
- print PC of each frame
- print the function's source also for optimized frames
R=dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1193363004
Cr-Commit-Position: refs/heads/master@{#29197}
mbrandy [Mon, 22 Jun 2015 18:15:25 +0000 (11:15 -0700)]
PPC: Built-in apply() performance benefits from an uninitialized IC.
Port
2a3b05758721a2f63a7c611ef22e364ead9ed0f3
R=mvstanton@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1196253003
Cr-Commit-Position: refs/heads/master@{#29196}
binji [Mon, 22 Jun 2015 17:12:26 +0000 (10:12 -0700)]
Add d8 API for spawning function on a new thread (Third try)
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=chromium:497295
LOG=n
Review URL: https://codereview.chromium.org/
1192923002
Cr-Commit-Position: refs/heads/master@{#29195}
arv [Mon, 22 Jun 2015 15:08:31 +0000 (08:08 -0700)]
Test262-es6 test runner should handle sloppy fail better
This adds a new FAIL_SLOPPY expected output. It then uses this to
determine if the test case has unexpected output.
BUG=v8:4164
LOG=N
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1197913002
Cr-Commit-Position: refs/heads/master@{#29194}
arv [Mon, 22 Jun 2015 14:29:52 +0000 (07:29 -0700)]
[es6] Bound function names
https://people.mozilla.org/~jorendorff/es6-draft.html#sec-function.prototype.bind
Bound functions should have a name based on the function that was
bound.
This reverts the revert
f2747ed9b48d0e62c7a30da69825ff926aeedbd2. The original
CL was reverted because the Blink layout test broke. I have a CL that disables
these tests at: https://codereview.chromium.org/
1196753003/
BUG=N
LOG=N
R=adamk
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1195983002
Cr-Commit-Position: refs/heads/master@{#29193}
dslomov [Mon, 22 Jun 2015 14:15:53 +0000 (07:15 -0700)]
[destructuring] Implement parameter pattern matching.
Scoping for initializers is yet incorrect. Defaults are not supported.
R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N
Committed: https://crrev.com/
42f30f4ded2b1ca0c4caa7639e6206e93c78ee70
Cr-Commit-Position: refs/heads/master@{#29184}
Review URL: https://codereview.chromium.org/
1189743003
Cr-Commit-Position: refs/heads/master@{#29192}
caitpotter88 [Mon, 22 Jun 2015 13:43:16 +0000 (06:43 -0700)]
[es6] ship Rest Parameters
BUG=v8:2159
LOG=N
R=arv@chromium.org, dslomov@chromium.org, rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1191653008
Cr-Commit-Position: refs/heads/master@{#29191}
jochen [Mon, 22 Jun 2015 13:24:40 +0000 (06:24 -0700)]
Keep track of ArrayBuffers based on collector type, not space
Since Mark/Compact also collects garbage in the new space, we can't just
free old space ArrayBuffers during MC - otherwise we run the risk of
never freeing new array buffers
BUG=v8:4201
R=hpayer@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1199913002
Cr-Commit-Position: refs/heads/master@{#29190}
machenbach [Mon, 22 Jun 2015 13:17:18 +0000 (06:17 -0700)]
[android] Merge gyp configurations.
The merge makes it possible to reuse variables from the
android configuration in standalone.gypi.
BUG=chromium:502176
LOG=n
Review URL: https://codereview.chromium.org/
1196253002
Cr-Commit-Position: refs/heads/master@{#29189}
machenbach [Mon, 22 Jun 2015 13:14:13 +0000 (06:14 -0700)]
Revert of [destructuring] Implement parameter pattern matching. (patchset #7 id:120001 of https://codereview.chromium.org/
1189743003/)
Reason for revert:
[Sheriff] Breaks tsan:
http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/4392
Original issue's description:
> [destructuring] Implement parameter pattern matching.
>
> Scoping for initializers is yet incorrect. Defaults are not supported.
>
> R=arv@chromium.org,rossberg@chromium.org
> BUG=v8:811
> LOG=N
>
> Committed: https://crrev.com/
42f30f4ded2b1ca0c4caa7639e6206e93c78ee70
> Cr-Commit-Position: refs/heads/master@{#29184}
TBR=arv@chromium.org,rossberg@chromium.org,caitpotter88@gmail.com,wingo@igalia.com,dslomov@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811
Review URL: https://codereview.chromium.org/
1195163007
Cr-Commit-Position: refs/heads/master@{#29188}
mstarzinger [Mon, 22 Jun 2015 12:15:55 +0000 (05:15 -0700)]
[turbofan] Add CodeFactory::Instanceof helper.
R=mvstanton@chromium.org
TEST=cctest/test-run-jsops/BinopInstanceOf
Review URL: https://codereview.chromium.org/
1196213004
Cr-Commit-Position: refs/heads/master@{#29187}
ben [Mon, 22 Jun 2015 12:13:52 +0000 (05:13 -0700)]
Use optparse in js2c.py for python compatibility
Without this change, V8 won't build on RHEL/CentOS 6 because the distro
python is too old to know about the argparse module.
Can this commit be cherry-picked to the 4.4 branch? It should apply
cleanly.
BUG=
Review URL: https://codereview.chromium.org/
1192973004
Cr-Commit-Position: refs/heads/master@{#29186}
bmeurer [Mon, 22 Jun 2015 12:08:05 +0000 (05:08 -0700)]
[turbofan] Revive the VectorSlotPair and also put feedback on JSCallFunction.
We resurrect the VectorSlotPair in order to be able to separate the
feedback input for the compiler from the actual type feedback vector
that is required to meet the IC requirements at runtime. This will allow
us to for example use feedback from a different context or divide the
type feedback vector into two separate vectors, without having to touch
the compiler. It'll allow use to load the vector from the shared
function info at runtime, while still consuming feedback in the
compiler (i.e. we don't rely on the feedback vector node to be a heap
constant).
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/
1198983002
Cr-Commit-Position: refs/heads/master@{#29185}
dslomov [Mon, 22 Jun 2015 12:06:55 +0000 (05:06 -0700)]
[destructuring] Implement parameter pattern matching.
Scoping for initializers is yet incorrect. Defaults are not supported.
R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N
Review URL: https://codereview.chromium.org/
1189743003
Cr-Commit-Position: refs/heads/master@{#29184}
machenbach [Mon, 22 Jun 2015 11:32:03 +0000 (04:32 -0700)]
[android] Add toolchain path logic to gyp config.
BUG=chromium:502176
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/
1197703004
Cr-Commit-Position: refs/heads/master@{#29183}
verwaest [Mon, 22 Jun 2015 11:24:03 +0000 (04:24 -0700)]
Move SetFastDoubleElementsCapacity into GrowCapacityAndConvert
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1193343002
Cr-Commit-Position: refs/heads/master@{#29182}
verwaest [Mon, 22 Jun 2015 10:48:53 +0000 (03:48 -0700)]
Remove broken optimization unwrapping number wrappers on setting array.length
Can't imagine it's very useful; lets restore/fix once it becomes relevant
BUG=
Review URL: https://codereview.chromium.org/
1198253002
Cr-Commit-Position: refs/heads/master@{#29181}
verwaest [Mon, 22 Jun 2015 10:44:11 +0000 (03:44 -0700)]
Get rid of JSArray::Expand and friends
BUG=
Review URL: https://codereview.chromium.org/
1194943004
Cr-Commit-Position: refs/heads/master@{#29180}
yangguo [Mon, 22 Jun 2015 09:56:28 +0000 (02:56 -0700)]
Do not look for existing shared function info when compiling a new script.
LOG=N
BUG=chromium:502908
Review URL: https://codereview.chromium.org/
1196223002
Cr-Commit-Position: refs/heads/master@{#29179}
bmeurer [Mon, 22 Jun 2015 09:15:52 +0000 (02:15 -0700)]
[turbofan] Some cleanup to the Typer.
This change does the following:
a.) Remove unused fields from the Typer.
b.) Move some interesting unions to types.h.
c.) Reduce Typer constructor overhead.
d.) Avoid heap allocation in the Typer.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1199903002
Cr-Commit-Position: refs/heads/master@{#29178}
mstarzinger [Mon, 22 Jun 2015 08:25:34 +0000 (01:25 -0700)]
Fix terrible interaction with code flushing.
This fixes a terrible interaction of code flushing and the clearing of
optimized code maps hanging off a SharedFunctionInfo. The following is
what happened:
1) Incremental marking cleared map in SharedFunctionInfo s, however it
was not enqueued as a flushing candidate because one JSFunction f1
still had optimized code.
2) Deoptimization of f1 made s eligible for code flushing.
3) Optimization of f2 added new entry to optimized code map of s.
4) The JSFunction f2 became unreachable and hence is never marked.
5) Incremental marking now visits f1, finds it eligible for flushing,
also s is eligible for flushing, both are enqueued.
6) Marking finishes, code flusher clears f1 and s, but the optimized
code map of s still contains an entry.
7) Boom!
R=ulan@chromium.org,hpayer@chromium.org
TEST=mjsunit/es6/generators-iteration
BUG=v8:3803
LOG=N
Review URL: https://codereview.chromium.org/
1197713004
Cr-Commit-Position: refs/heads/master@{#29177}
Benedikt Meurer [Mon, 22 Jun 2015 08:14:23 +0000 (10:14 +0200)]
[turbofan] Run context specialization, inlining and initial DCE in one pass.
This is another missing piece in the puzzle towards general inlining.
The fact that we can combine this with context specialization is a nice
bonus, and not necessarily a requirement.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1198193002.
Cr-Commit-Position: refs/heads/master@{#29176}
mvstanton [Mon, 22 Jun 2015 07:05:14 +0000 (00:05 -0700)]
Built-in apply() performance benefits from an uninitialized IC.
BUG=
Review URL: https://codereview.chromium.org/
1180713007
Cr-Commit-Position: refs/heads/master@{#29175}
bmeurer [Mon, 22 Jun 2015 07:04:03 +0000 (00:04 -0700)]
[turbofan] Run DeadCodeElimination as part of the generic lowering phase.
This way we don't need the separate late control reduction pass over the
graph, plus we can also reduce dead code recognized by generic lowering.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1198923002
Cr-Commit-Position: refs/heads/master@{#29174}
mvstanton [Sun, 21 Jun 2015 13:55:16 +0000 (06:55 -0700)]
Vector ICs: Turbofan vector store ic support
Turbofan needs to pass vector slots around for named and keyed stores.
Also, the CL addresses a missing slot for ClassLiterals.
BUG=
Review URL: https://codereview.chromium.org/
1178363002
Cr-Commit-Position: refs/heads/master@{#29173}
v8-autoroll [Sat, 20 Jun 2015 08:09:22 +0000 (01:09 -0700)]
Update V8 DEPS.
Rolling v8/buildtools to
ecc8e253abac3b6186a97573871a084f4c0ca3ae
Rolling v8/tools/clang to
73ec8804ed395b0886d6edf82a9f33583f4a7902
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1195673003
Cr-Commit-Position: refs/heads/master@{#29172}
machenbach [Sat, 20 Jun 2015 07:25:20 +0000 (00:25 -0700)]
Revert of Ship Harmony Array/TypedArray methods (patchset #6 id:100001 of https://codereview.chromium.org/
1187543003/)
Reason for revert:
[Sheriff] Breaks gcstress and mac asan:
http://build.chromium.org/p/client.v8/builders/V8%20GC%20Stress%20-%203/builds/3896
http://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/1774
Original issue's description:
> Ship Harmony Array/TypedArray methods
>
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
> BUG=v8:3578
> LOG=Y
> R=adamk
>
> Committed: https://crrev.com/
7142b0d211b732e1c119fded80f43fbbd9cea0f8
> Cr-Commit-Position: refs/heads/master@{#29170}
TBR=adamk@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3578
Review URL: https://codereview.chromium.org/
1195163002
Cr-Commit-Position: refs/heads/master@{#29171}
littledan [Sat, 20 Jun 2015 00:01:46 +0000 (17:01 -0700)]
Ship Harmony Array/TypedArray methods
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=v8:3578
LOG=Y
R=adamk
Review URL: https://codereview.chromium.org/
1187543003
Cr-Commit-Position: refs/heads/master@{#29170}
caitpotter88 [Fri, 19 Jun 2015 22:18:18 +0000 (15:18 -0700)]
[es6] throw TypeError when setting cyclic prototype value
Object.setPrototypeOf() throws a TypeError if value would create a
cycle. Previously a plain Error was thrown rather than a TypeError.
BUG=v8:4197
R=mike@bocoup.com
LOG=N
Review URL: https://codereview.chromium.org/
1198523002
Cr-Commit-Position: refs/heads/master@{#29169}
arv [Fri, 19 Jun 2015 20:40:38 +0000 (13:40 -0700)]
[es6] Ship spread
This enables both --harmony-spreadcalls and --harmony-spread-arrays
BUG=v8:3018
LOG=N
R=caitpotter88@gmail.com, rossberg@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1177223005
Cr-Commit-Position: refs/heads/master@{#29168}
wingo [Fri, 19 Jun 2015 19:55:06 +0000 (12:55 -0700)]
Ship arrow functions
R=rossberg@chromium.org
LOG=Y
BUG=v8:2700
Review URL: https://codereview.chromium.org/
1194873002
Cr-Commit-Position: refs/heads/master@{#29167}
conradw [Fri, 19 Jun 2015 19:00:45 +0000 (12:00 -0700)]
Revert relanded strong property access CL
Reason:
Regressions in various benchmarks.
Revert "Revert of Revert of [strong] Implement strong mode restrictions on property access (patchset #1 id:1 of https://codereview.chromium.org/
1189153002/)"
This reverts commit
41405c0470d5b30ec5d22665ed9430c46b33624f.
Revert "X87: Revert of Revert of [strong] Implement strong mode restrictions on property access."
This reverts commit
48de5f4d6b356d8da9db4afa68814df28e4b575d.
Revert "Fix overlapping KeyedLoadIC bitfield."
This reverts commit
4e6c956abfbfcd8ae193e6bb279cf96997b14e20.
Revert "MIPS64: Fix 'Revert of Revert of [strong] Implement strong mode restrictions on property access'."
This reverts commit
74f97b0d2a4a5102c2817c95139e94ebae900377.
BUG=
Review URL: https://codereview.chromium.org/
1199493002
Cr-Commit-Position: refs/heads/master@{#29166}
verwaest [Fri, 19 Jun 2015 18:59:11 +0000 (11:59 -0700)]
Inline SetLengthWithoutNormalize into its callers
BUG=
Review URL: https://codereview.chromium.org/
1194943002
Cr-Commit-Position: refs/heads/master@{#29165}
arv [Fri, 19 Jun 2015 18:58:05 +0000 (11:58 -0700)]
Test262 update 2015-06-11 (Take 3)
This reverts commit
72bb369d08e8d141f77c0c05f95cf8ed7ac5a9ec.
Always skip slow tests.
Also, some eval tests are failing in strict mode with nosnap
BUG=N
LOG=N
R=adamk@chromium.org, littledan@chromium.org, machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1190063002
Cr-Commit-Position: refs/heads/master@{#29164}
Djordje.Pesic [Fri, 19 Jun 2015 18:56:56 +0000 (11:56 -0700)]
MIPS: Added data tracing to simulator
Added memory and register data tracing to mips32 simulator
Review URL: https://codereview.chromium.org/
1195783002
Cr-Commit-Position: refs/heads/master@{#29163}
mstarzinger [Fri, 19 Jun 2015 18:55:47 +0000 (11:55 -0700)]
Remove deprecated SharedFunctionInfo::dont_cache predicate.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/
1187563011
Cr-Commit-Position: refs/heads/master@{#29162}
binji [Fri, 19 Jun 2015 18:33:57 +0000 (11:33 -0700)]
Revert of Add d8 API for spawning function on a new thread (Second try) (patchset #3 id:60001 of https://codereview.chromium.org/
1195613003/)
Reason for revert:
Fails on V8 Linux - isolates (http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20isolates/builds/4128)
Original issue's description:
> Add d8 API for spawning function on a new thread (Second try)
>
> This API closely matches the Worker API. The differences:
>
> 1) The argument to the Worker constructor is a function to run, not a script.
> 2) Receiving a message from a worker is a synchronous API (as there is no event
> loop).
>
> The serialization done here is not robust as the real DOM implementation. For
> example, recursive data structures or otherwise duplicated objects are not
> allowed.
>
> BUG=chromium:497295
> R=jochen@chromium.org
> LOG=n
>
> Review URL: https://codereview.chromium.org/
1185643004
>
> Cr-Commit-Position: refs/heads/master@{#29126}
>
> Committed: https://crrev.com/
ec2eaf712ecee6b4891c0458f2397e04a1f9b339
> Cr-Commit-Position: refs/heads/master@{#29158}
TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:497295
Review URL: https://codereview.chromium.org/
1191373005
Cr-Commit-Position: refs/heads/master@{#29161}
arv [Fri, 19 Jun 2015 18:25:23 +0000 (11:25 -0700)]
Revert of Additional HandleScopes to limit Handle consumption. (patchset #4 id:50001 of https://codereview.chromium.org/
1185633002/)
Reason for revert:
Fails the following test
handle-count-ast
handle-count-runtime-...
on V8 Linux - nosnap - debug - 1
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%201/builds/851/steps/Check/logs/stdio
Original issue's description:
> Additional HandleScopes to limit Handle consumption.
>
> erikcorry@chromium.org suggested digging into v8 handle usage. Found potential scopes in ast.cc and runtime-literals.cc and added tests.
>
> The runtime-literals.cc change reduces peak handles in imaging-darkroom.js from 1,282,610 to 428,218. The ast.cc change reduces the peak handles in string-tagcloud.js from 80,738 to 8,176.
>
> No significant handle count issues found with major websites, but substantial savings on some benchmarks and demos:
>
> Kraken's imaging-darkroom.js down from 1,282,610 to 428,218 due to runtime-literals.cc scope.
> SunSpider's string-tagcloud.js down from 80,738 to 8.176 due to ast.cc
>
> http://www.flohofwoe.net/demos/dragons_asmjs.html (738,906 -> 478,296)
> http://www.flohofwoe.net/demos/instancing_asmjs.html (737,884 -> 477,274)
> https://dl.dropboxusercontent.com/u/
16662598/Ports/DOSBox-web/doom.html?engine=dosbox-growth.js (1,724,114 -> 1,087,408)
> https://kripken.github.io/ammo.js/examples/new/ammo.html (175,784 -> 142,058)
>
> BUG=
>
> Committed: https://crrev.com/
3a4c7538839186aa38910c66c986abb563f4ccd2
> Cr-Commit-Position: refs/heads/master@{#29155}
TBR=yangguo@chromium.org,erikcorry@chromium.org,oth@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1194873004
Cr-Commit-Position: refs/heads/master@{#29160}
binji [Fri, 19 Jun 2015 16:14:03 +0000 (09:14 -0700)]
Fix cluster-fuzz bug introduced in refs/heads/master@{#28796}
Don't DCHECK in the atomic runtime functions.
BUG=chromium:501809,chromium:497295
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1189223003
Cr-Commit-Position: refs/heads/master@{#29159}
binji [Fri, 19 Jun 2015 16:12:58 +0000 (09:12 -0700)]
Add d8 API for spawning function on a new thread (Second try)
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=chromium:497295
R=jochen@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1185643004
Cr-Commit-Position: refs/heads/master@{#29126}
Review URL: https://codereview.chromium.org/
1195613003
Cr-Commit-Position: refs/heads/master@{#29158}
dusan.milosavljevic [Fri, 19 Jun 2015 16:11:42 +0000 (09:11 -0700)]
MIPS64: Fix random failures of fannkuch.js.
TEST=mjsunit/asm/embenchen/fannkuch,
mjsunit/math-abs
BUG=
Review URL: https://codereview.chromium.org/
1192413002
Cr-Commit-Position: refs/heads/master@{#29157}
balazs.kilvady [Fri, 19 Jun 2015 16:10:32 +0000 (09:10 -0700)]
MIPS64: Fix 'Revert of Revert of [strong] Implement strong mode restrictions on property access'.
Port
41405c0470d5b30ec5d22665ed9430c46b33624f
TEST=mjsunit/strong/load-property-mutate-backing-store, mjsunit/call-stub
BUG=
Review URL: https://codereview.chromium.org/
1191333003
Cr-Commit-Position: refs/heads/master@{#29156}
oth [Fri, 19 Jun 2015 16:04:13 +0000 (09:04 -0700)]
Additional HandleScopes to limit Handle consumption.
erikcorry@chromium.org suggested digging into v8 handle usage. Found potential scopes in ast.cc and runtime-literals.cc and added tests.
The runtime-literals.cc change reduces peak handles in imaging-darkroom.js from 1,282,610 to 428,218. The ast.cc change reduces the peak handles in string-tagcloud.js from 80,738 to 8,176.
No significant handle count issues found with major websites, but substantial savings on some benchmarks and demos:
Kraken's imaging-darkroom.js down from 1,282,610 to 428,218 due to runtime-literals.cc scope.
SunSpider's string-tagcloud.js down from 80,738 to 8.176 due to ast.cc
http://www.flohofwoe.net/demos/dragons_asmjs.html (738,906 -> 478,296)
http://www.flohofwoe.net/demos/instancing_asmjs.html (737,884 -> 477,274)
https://dl.dropboxusercontent.com/u/
16662598/Ports/DOSBox-web/doom.html?engine=dosbox-growth.js (1,724,114 -> 1,087,408)
https://kripken.github.io/ammo.js/examples/new/ammo.html (175,784 -> 142,058)
BUG=
Review URL: https://codereview.chromium.org/
1185633002
Cr-Commit-Position: refs/heads/master@{#29155}
verwaest [Fri, 19 Jun 2015 15:27:40 +0000 (08:27 -0700)]
Add fast path for setting array.length
BUG=
Review URL: https://codereview.chromium.org/
1195823002
Cr-Commit-Position: refs/heads/master@{#29154}
wingo [Fri, 19 Jun 2015 15:10:01 +0000 (08:10 -0700)]
Better error reporting for "return();"
R=rossberg@chromium.org
BUG=v8:4194
LOG=N
Review URL: https://codereview.chromium.org/
1191303002
Cr-Commit-Position: refs/heads/master@{#29153}
verwaest [Fri, 19 Jun 2015 14:56:57 +0000 (07:56 -0700)]
More cleanup related to setting array.length
BUG=
Review URL: https://codereview.chromium.org/
1191313003
Cr-Commit-Position: refs/heads/master@{#29152}
yangguo [Fri, 19 Jun 2015 14:40:22 +0000 (07:40 -0700)]
Keep a canonical list of shared function infos.
Each Script object now keeps a WeakFixedArray of SharedFunctionInfo
objects created from this script.
This way, when compiling a function, we do not create duplicate shared
function info objects when recompiling with either compiler.
This fixes a class of issues in the debugger, where we set break points
on one shared function info, but functions from duplicate shared function
infos are not affected.
LOG=N
BUG=v8:4132
Review URL: https://codereview.chromium.org/
1183733006
Cr-Commit-Position: refs/heads/master@{#29151}
caitpotter88 [Fri, 19 Jun 2015 14:39:05 +0000 (07:39 -0700)]
[es6] ship Object.assign
BUG=v8:4007
LOG=N
R=rossberg@chromium.org, arv@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Committed: https://crrev.com/
12e194860a56d47a10d89ae34761a4af6b6166bb
Cr-Commit-Position: refs/heads/master@{#29118}
Review URL: https://codereview.chromium.org/
1191003003
Cr-Commit-Position: refs/heads/master@{#29150}
bmeurer [Fri, 19 Jun 2015 14:02:28 +0000 (07:02 -0700)]
[turbofan] Preserve Bounds when cloning nodes in the scheduler.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1196613003
Cr-Commit-Position: refs/heads/master@{#29149}
conradw [Fri, 19 Jun 2015 13:37:44 +0000 (06:37 -0700)]
Fix overlapping KeyedLoadIC bitfield.
BUG=
LOG=N
Review URL: https://codereview.chromium.org/
1192383003
Cr-Commit-Position: refs/heads/master@{#29148}
bmeurer [Fri, 19 Jun 2015 12:48:58 +0000 (05:48 -0700)]
[ubsan] Fix HeapObjectMatcher to avoid invalid casts.
BUG=v8:3809
LOG=n
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/
1196623002
Cr-Commit-Position: refs/heads/master@{#29147}